Lucene search
K

46 matches found

ATTACKERKB
ATTACKERKB
added 2023/11/22 5:15 p.m.7 views

CVE-2023-20240

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2023/11/22 5:15 p.m.18 views

Out-of-bounds

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

1.7CVSS6.9AI score0.00197EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2023/11/22 5:10 p.m.3 views

CVE-2023-20241

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.5AI score0.00197EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/22 5:10 p.m.10 views

CVE-2023-20240

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS6.1AI score0.00197EPSS
Exploits0References1
Cisco
Cisco
added 2023/11/15 4:0 p.m.41 views

Cisco Secure Client Software Denial of Service Vulnerabilities

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...

5.5CVSS5.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/11/15 12:0 a.m.4 views

PT-2023-7118 · Cisco · Cisco Secure Client

Name of the Vulnerable Software and Affected Versions: Cisco Secure Client Software affected versions not specified Description: The issue is related to multiple vulnerabilities in Cisco Secure Client Software that could allow an authenticated, local attacker to cause a denial of service DoS...

5.5CVSS5.5AI score0.00197EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2023/11/15 12:0 a.m.6 views

PT-2023-7117 · Cisco · Cisco Secure Client

Name of the Vulnerable Software and Affected Versions: Cisco Secure Client Software affected versions not specified Description: The issue is related to multiple vulnerabilities in Cisco Secure Client Software that could allow an authenticated, local attacker to cause a denial of service DoS...

5.5CVSS5.5AI score0.00197EPSS
Exploits0References7
Amazon
Amazon
added 2022/07/20 12:0 a.m.71 views

Medium: git

Issue Overview: A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This issue allows the owner of the repository to cause arbitrary commands to ...

7.8CVSS7.9AI score0.00445EPSS
Exploits0
Amazon
Amazon
added 2022/06/09 12:0 a.m.61 views

Medium: git

Issue Overview: A vulnerability was found in Git. This flaw occurs due to Git not checking the ownership of directories in a local multi-user system when running commands specified in the local repository configuration. This allows the owner of the repository to cause arbitrary commands to be...

7.8CVSS7.2AI score0.00782EPSS
Exploits0
Huntr
Huntr
added 2021/10/23 1:34 p.m.12 views

Improper Privilege Management in shadow-maint/shadow

Description The su utility, if compiled with PAM support, uses waitpid internally to monitor its child process. It depends on the creation of zombie processes for proper monitoring, but the creation can be suppressed by ignoring the SIGCHLD signal see waitpid manual page. If su is spawned from a...

7.1AI score0.00279EPSS
Exploits0References1
OSV
OSV
added 2020/03/16 4:15 p.m.2 views

UBUNTU-CVE-2020-1740

A flaw was found in Ansible Engine when using Ansible Vault for editing encrypted files. When a user executes "ansible-vault edit", another user on the same computer can read the old and new secret, as it is created in a temporary file with mkstemp and the returned file descriptor is closed and t...

4.7CVSS6.6AI score0.00374EPSS
Exploits0References3
Veracode
Veracode
added 2019/04/25 7:39 a.m.21 views

Symlink Attack

github.com/snapcore/snapd is vulnerable to symlink attack. A malicious current working directory can be used to bypass permission checks on a multi-user system. The vulnerability can be exploited when snap-confine changes the current working directory and attempts to restore the original working...

7.5CVSS7.2AI score0.02418EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2018/07/27 6:29 p.m.22 views

Design/Logic Flaw

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

2.1CVSS5.2AI score0.00538EPSS
Exploits3References8Affected Software7
NVD
NVD
added 2018/07/27 6:29 p.m.18 views

CVE-2017-2625

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

6.5CVSS5.8AI score0.00538EPSS
Exploits3References8
OSV
OSV
added 2018/07/27 6:29 p.m.26 views

CVE-2017-2625

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

5.5CVSS3.5AI score0.00538EPSS
Exploits3References8
OSV
OSV
added 2018/07/27 6:29 p.m.2 views

UBUNTU-CVE-2017-2625

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

6.5CVSS6.6AI score0.00538EPSS
Exploits3References5
AlpineLinux
AlpineLinux
added 2018/07/27 6:0 p.m.46 views

CVE-2017-2625

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

6.5CVSS5.6AI score0.00538EPSS
Exploits3
Debian CVE
Debian CVE
added 2018/07/27 6:0 p.m.27 views

CVE-2017-2625

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

6.5CVSS6.1AI score0.00538EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2017/03/01 12:18 a.m.31 views

CVE-2017-2625

It was discovered that libXdmcp used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users' sessions...

6.5CVSS3.5AI score0.00538EPSS
Exploits3References1
Kitploit
Kitploit
added 2016/11/18 2:24 p.m.19 views

Acunetix v11 - Web Application Security Testing Tool

London, UK – November 2016 – Acunetix, the pioneer in automated web application security software, has announced the release of version 11. New integrated vulnerability management features extend the enterprise’s ability to comprehensively manage, prioritise and control vulnerability threats –...

7.4AI score
Exploits0
Rows per page
Query Builder